Elastic IPs

An Elastic IP is an IP address you can assign to one or several instances
in addition to its regular IP address. There are several uses for this
new feature:

Fixed IP address: the IP address is not attached to a specific instance and can be attached to a different instance at will.

Multiple IP addresses: an instance can receive an arbitrary number of elastic IP (useful for TLS without SNI).

High availability: the IP address can be moved to another instance in case of failure of the first instance.

Reserving IP addresses

The first step is to reserve an IP address. This can be done through
the portal. In the Compute tab, choose
the IP Addresses
tab. You should see the following screen:

Ensure you select the right availability zone and press the Add
button. After a few seconds, the reserved IP address appears in your
account:

You can reserve as many IP addresses as you want. You will be billed
for each IP address reserved. Once you don’t need an IP address
anymore, use the Delete icon to release it.

To see more details, click on the Edit icon. From here, you can
modify the reverse DNS entry for the IP, associate the instances and see
the currently assigned instances. We’ll explore this part of the
interface in the following sections.

Assigning an IP address

The second step is to assign the IP address to an instance. There
are two ways to do that. The first way is to go
the IP Addresses
tab, locate your IP address and click on the Edit icon. Then, choose
the appropriate instance in the drop-down menu:

The second way is to go to the details of your instance. You should
find a section Additional IP addresses with a drop-down menu to
select the IP address you want to use with this instance:

Configuring the instance to use the IP address

While the traffic targeted at this IP address is now directed to the
specified instance, you need to configure the new address directly on
your instance as well. Currently, we’ll cover only Debian/Ubuntu and
CentOS.

Debian/Ubuntu

In /etc/network/interfaces.d/eip.cfg, add the following snippet:

auto lo:1
iface lo:1 inet static
address 159.100.241.235/32

Then, use ifup lo:1 to enable the IP. It will also be enabled
automatically on boot. From here, you should be able to ping your
instance and any service authorized in the associated security group
should be reachable with this EIP as well.

If you need to add an additional IP, use lo:2, lo:3, etc.

On Debian 8, you have to add source /etc/network/interfaces.d/* in
your /etc/network/interfaces.

CentOS

Create a /etc/sysconfig/network-scripts/ifcfg-lo:1 file with the
following content:

Then, use ifup lo:1 to enable the IP. It will also be enabled
automatically on boot. You should be able to ping the IP address and
any service authorized in the associated security group should be
reachable with this EIP as well.

If you need to add an additional IP, use lo:2, lo:3, etc.

CoreOS

Create the configuration file for loopback interface
‘/etc/systemd/network/loopback-alias.network’, with the following
content:

To apply the configuration, run sudo systemctl restart systemd-networkd
to restart. It will also be enabled automatically on boot.
You should be able to ping the IP address and any service authorized in
the associated security group should be reachable with this EIP as well.

You can add multiple loopback Address blocks.

Other Linux

You can manually add the IP address on any Linux instance with the
following command:

ip addr add 159.100.241.235/32 dev lo

But it will be lost if you reboot the instance.

OpenBSD

Configure your Elastic IP with this single command:

echo inet 159.100.241.235/32 > /dev/hostname.lo1

You can reconfigure your network on the fly with

sh /etc/netstart

Windows

As a first step, we need to install a special driver. For this, open a
command line and execute the following command:

hdwwiz

You should get the Add Hardware wizard:

Click on Next. On the next screen, choose the second option:

Click on Next. On the next screen, choose Network adapters:

Click on Next. On the next screen, choose Microsoft in the left
list, then Microsoft KM-TEST Loopback Adapter in the right list:

Click on Next, then on Install.

Open a command-line and execute ipconfig /all. You should find an
interface named Ethernet 2 whose description is Microsoft KM-TEST
Loopback. Let’s rename it:

Examples

Let’s examine some use cases.

Fixed IP address

The first use case is to use a fixed IP address you can move from one
instance to another. Typically, you are upgrading your web server to a new
instance and you want to switch the IP address from the old instance to the new
one without relying on DNS. This is also known as blue-green deployment.

First, you need to follow those steps to use an EIP with the current
instance (unless the current instance is already using an EIP):

Reserve a EIP address

Assign the EIP address to the current instance

Configure the EIP address inside the current instance

Update your DNS configuration to use the EIP address

Wait a bit for the DNS to catch the change

Now, when your new server is ready to take over, follow these steps:

Configure the EIP address inside the new instance (this has currently no effect, the traffic still goes to the old instance)

Assign the EIP address to the new instance (the new instance may or may not receive traffic)

Unassign the EIP address from the old instance (the old instance will stop receiving traffic and the new one will receive traffic)

Unconfigure the EIP address from inside the old instance

Multiple IP addresses

The second use case is the need to use several IP addresses on the
same machine. This can be needed if you want to use multiple TLS
certificates or run several instances of the same service.

Here are the steps:

Reserve several EIP addresses

Assign the EIP addresses to the target instance

Configure the EIP addresses inside the target instance (first one on lo:1, second one on lo:2, etc.)

High availability

The third use case is to setup an highly available service. When an
instance fails, you can quickly transfer traffic to the remaining
instances.

Here are the steps:

Reserve a EIP address

Assign the EIP address to each instance of a group

Configure the EIP address inside each instance

From here, only one of the instance will receive traffic. If you stop
this instance or unassign the IP address from this instance, another
instance will automatically take over the traffic.

This use case needs some automation to really be efficient. You could
use your monitoring system to remove the IP address from failed
instances using the API. Have a look at our
“HAProxy Elastic IP Automatic failover” blog post for an example.

Fixed source IP address

In the configuration samples, the elastic IP address is set up as an
additional IP address for your instance: the original IP address still
works and is used for outgoing connections. You should not remove
the original IP address as the elastic IP address won’t work without
it. Moreover, if you have to move the elastic IP to another instance,
the original instance won’t be accessible anymore.

There are some cases where you would want to use the elastic IP as a
source IP address (for example, if you run an SMTP server). The
easiest way to achieve this is to configure the elastic IP address
directly in your software configuration. For instance, with Postfix,
you can add the following line in /etc/postfix/main.cf:

smtp_bind_address = 159.100.241.235

Most software have a similar setting for outgoing connections. Search
for the bind keyword in the documentation.

Did you like this tutorial? Then you’ll love our Cloud Platform. Register now!